Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp4284487imw; Tue, 19 Jul 2022 03:48:55 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sU1O30hKidO84FXbiswt3MQtt7qgdppyR81XI+e5+ybzOIQvY3MkzlUvLdOcWwCXr7bxkM X-Received: by 2002:a17:906:8a49:b0:72b:3b8d:31c3 with SMTP id gx9-20020a1709068a4900b0072b3b8d31c3mr30076007ejc.279.1658227735358; Tue, 19 Jul 2022 03:48:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658227735; cv=none; d=google.com; s=arc-20160816; b=AnRrdOI5OpXyEzIEpsQ1cYyZYFNZJn/mUFEYNlt5+cC/XSTM4zJ2/D+Elr+maADGe5 ZO6tI2Z8giSnJR61Wc6Gh6FhWhxHmkrPJUc4hq32buBVA7lAAmtHgVtZ2tTbfKH+5+KX JkazF+3GL3jm63np5OhNzPhca1/ABYTbm2GNfR20UJkKG4a5C0ZumWiXrr8G1uLIYSxH m9HTcWIaIZ0o8UAhxO+/6TB+tgJEjTiYxM+TGrAeyIZ3NHQbg0MV/ZgdwOSK4RTOqQXQ 1tl94n2N+w4EwdGJXfTqAkyZRsPrknXpH6b2b7gpnWzcDLnEJzrP/ZNu1t0m6k7ye1ss sp2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:user-agent:references:in-reply-to :subject:cc:to:from:message-id:date:dkim-signature; bh=njaNQE6SzyiUaXRap+5ie61+MyCXYfX8PWwiPcrQuz0=; b=xeseyntMl0b99aKY3EX1EDZCjG5vvd03fnMhx/basiHUh8ndBnRONdZtJopEVIC9gb F1lb1o9VC6rpo5fWov+nyX6f8WFK+/IF4TtVjvN+rGnxb5CBxKlMTUYtcoJw8y4Ub0Ih c5Xx4hh+gOsYPvvyFW7FpR4why//EhMJXRxQzguvL6JM9btnhn+zIvhFE0fXSrRXwJWI TjGk32/YLEEVtRBeJ5DuzJYRZWCM5MFYg4znFeEY5LiQFBZa/9XYcCAdMnkNHWSvT3LM bNlU6hzP5+ZldfpxPuaTx8+Uej41TzOSWgkohNYj8WcuouZnyf4ndi/gk2QKbO5RYM9W /n3w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=mY7eMT5c; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w12-20020a05640234cc00b0043a72fe76e5si23461736edc.366.2022.07.19.03.48.30; Tue, 19 Jul 2022 03:48:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=mY7eMT5c; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237333AbiGSKf1 (ORCPT + 99 others); Tue, 19 Jul 2022 06:35:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57580 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237225AbiGSKfZ (ORCPT ); Tue, 19 Jul 2022 06:35:25 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7AE536446 for ; Tue, 19 Jul 2022 03:35:22 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id DFDA261381 for ; Tue, 19 Jul 2022 10:35:21 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0BF2BC341C6; Tue, 19 Jul 2022 10:35:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1658226921; bh=LTURouQObNXUgAv2oCPXsD0v06f27q4kyC2HWGX13xc=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=mY7eMT5c56IEXPSXLZERVV7aqyLE4Iwd6q98HbdNg6DXgerRgumOkhqhVk8t/I6kG hcS/VeuVR6eb0NMHiQHIeaKlgpUpVfeu0CgnbwabpszMP2ltpmwCQ1g+HN3iZsoW16 j0F+0kNvx+2vPUbfQhloXxPPG1u2rCWTNcR2SAD68wgK5r0UBKSX1t0KWncYhVSiB0 r67q+h1eykeW4zqsI9ebvzwgv3HCpmimDp2k1YYSFcZmkdqryccDD7a8HVt836K3Na o5VKznU8E1oQAyqYCGIEPBtv1XWBsSX+FyHUFU/Tqq8Z/ciPbIW9cm/VbVOxDwZLYi U7ZVMsIbjPN0A== Received: from sofa.misterjones.org ([185.219.108.64] helo=why.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oDkZS-008SGg-U8; Tue, 19 Jul 2022 11:35:19 +0100 Date: Tue, 19 Jul 2022 11:35:18 +0100 Message-ID: <87ilntz8yh.wl-maz@kernel.org> From: Marc Zyngier To: Kalesh Singh Cc: Mark Rutland , Mark Brown , "Madhavan T. Venkataraman" , Will Deacon , Quentin Perret , Fuad Tabba , James Morse , Alexandru Elisei , Suzuki K Poulose , Catalin Marinas , andreyknvl@gmail.com, vincenzo.frascino@arm.com, Masami Hiramatsu , Alexei Starovoitov , Kefeng Wang , Marco Elver , Keir Fraser , Zenghui Yu , Ard Biesheuvel , Oliver Upton , "moderated list:ARM64 PORT (AARCH64 ARCHITECTURE)" , kvmarm , LKML , "Cc: Android Kernel" Subject: Re: [PATCH v4 08/18] KVM: arm64: Add PROTECTED_NVHE_STACKTRACE Kconfig In-Reply-To: References: <20220715061027.1612149-1-kaleshsingh@google.com> <20220715061027.1612149-9-kaleshsingh@google.com> <87cze252q7.wl-maz@kernel.org> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/27.1 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: kaleshsingh@google.com, mark.rutland@arm.com, broonie@kernel.org, madvenka@linux.microsoft.com, will@kernel.org, qperret@google.com, tabba@google.com, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, catalin.marinas@arm.com, andreyknvl@gmail.com, vincenzo.frascino@arm.com, mhiramat@kernel.org, ast@kernel.org, wangkefeng.wang@huawei.com, elver@google.com, keirf@google.com, yuzenghui@huawei.com, ardb@kernel.org, oupton@google.com, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, kernel-team@android.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false X-Spam-Status: No, score=-7.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 18 Jul 2022 18:03:30 +0100, Kalesh Singh wrote: > > On Sun, Jul 17, 2022 at 11:56 PM Marc Zyngier wrote: > > > > [- Drew and android-mm, as both addresses bounce] > > > > On Fri, 15 Jul 2022 07:10:17 +0100, > > Kalesh Singh wrote: > > > > > > This can be used to disable stacktrace for the protected KVM > > > nVHE hypervisor, in order to save on the associated memory usage. > > > > > > This option is disabled by default, since protected KVM is not widely > > > used on platforms other than Android currently. > > > > > > Signed-off-by: Kalesh Singh > > > --- > > > arch/arm64/kvm/Kconfig | 15 +++++++++++++++ > > > 1 file changed, 15 insertions(+) > > > > > > diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig > > > index 8a5fbbf084df..1edab6f8a3b8 100644 > > > --- a/arch/arm64/kvm/Kconfig > > > +++ b/arch/arm64/kvm/Kconfig > > > @@ -46,6 +46,21 @@ menuconfig KVM > > > > > > If unsure, say N. > > > > > > +config PROTECTED_NVHE_STACKTRACE > > > + bool "Protected KVM hypervisor stacktraces" > > > + depends on KVM > > > + default n > > > + help > > > + Say Y here to enable pKVM hypervisor stacktraces on hyp_panic() > > > + > > > + If you are not using protected nVHE (pKVM), say N. > > > + > > > + If using protected nVHE mode, but cannot afford the associated > > > + memory cost (less than 0.75 page per CPU) of pKVM stacktraces, > > > + say N. > > > + > > > + If unsure, say N. > > > + > > > > Can we make this depend on NVHE_EL2_DEBUG instead? I'd like to keep > > the disclosing of EL2 information in protected mode a strict debug > > feature. > > Hi Marc, > > An earlier version was similar to what you propose. The unwinding > depended on NVHE_EL2_DEBUG and all unwinding was done from EL1 with > host stage 2 being disabled. The reason the design was changed is > because Android expressed the need for pKVM hyp stacktraces in > production environments. [1] I think that's an Android-specific requirement that doesn't apply to upstream. If Android wants to enable this in production (and potentially leak details of the hypervisor address space), that's Android's business, and they can carry a patch for that. Upstream shouldn't have to cater for such a thing. Thanks, M. -- Without deviation from the norm, progress is not possible.